Discussion on:

What's with Generation Y and online privacy?

Social media, while useful for the rapid distribution of information, also serves as a vehicle for a sense of self-importance to those who feel that people really care what they ate, what they did, and who they don't like. Too often this rapid sharing of information causes issues though. Several things come to mind. First, you can't tell tone or intent via text. My own kids will say "can you believe what so and so said?". Almost always it's something that can be taken several different ways...usually the worst is assumed. Second, most people would NEVER say things to peoples face that they'll write in a text, email, blog, or other methods that don't involve actually seeing someone. And third, once sent/posted/tweeted, many of those comments that seemed appropriate to that mood at that one particular moment, can't easily be retracted.

The comedy of the Gen-Y's is they don't see that they're often losing the ability to communicate face to face, and they share details of their lives online that perhaps they'd never do in person and as with most things online, controlling information once "out there" is very difficult. They'll get it eventually, hopefully before they do or say something they'll regret years later.

the ability (knowledge) to better control one's "privacy" yields a less-worrysome attitude about possiole violations of that privacy.

Or, the "Gen-Y" have not yet experienced the consequences of poor management of their privacy.

Privacy is already gone and guess which generation took it away? CISPA is just the beginning. Protecting your privacy on the Internet is a catch 22. The only way to guarantee privacy is to not go on the Internet.

if you tell your employer that...

Is what your definition of privacy is. Without knowing that it is hard to have a discussion. Millennials have a different definition than you do. Determining who is right is a whole different thing.

to solve if you never publicly use your real name. I haven't since 2001. And If I have to, I use fake background information; although for the sake of accurate interaction with other professionals, I don't do that here on TR. If you do a simple Google search of my fake name, you will see me all over the place. That doesn't bother me much.

Nick did hit it on the nail head though. I did have to use my real name when I was employed by a non-profit. But we were under tight HIPAA regulations, and even my email was under SSL and VPN during my entire stay there. So I doubt much leaked to the public arena.

You are most likely in many databases government and other-wise. My research has shown that most privacy breaches are through attacks on these databases, not what an individual does or does not do.

to what Michael said, there is the degrees of separation problem. They can figure out who you are by linking back through your friends and behavior on the net. (They being FB in particular.) Trying to remain anonymous is pretty much a futile effort these days thanks to the amount of data they have and how they can mine it.

but if you become that kind of a target, all bets are off anyway. I just would like to fly just below the radar of the robot types of surveilance. Of course Michael points out that it is the compromise of the online vendors that cause one big leak in that area of personal identity, and he has a good point there.

It is too bad that some kind of realistic security standard didn't come out with congressional over-site a long time ago; but lawmakers are too ignorant to even think about pushing in that direction. I suppose true privacy is doomed, but I'm still willing to beat the drum no matter what.

We need drum beaters.

http://www.apa.org/news/press/releases/stress/2012/generations.aspx

They grew up with the government knowing who they were by parents giving up their SSN's to schools. They were encouraged to share and receive accolades for the sharing. Not saying there is anything wrong with that in a exploding population where security becomes "Big Brother" The fallout is soon to be seen.

As to what you mean by "Security becomes Big Brother?" As a huge fan of Mr. Blair, I have to ask.

that they got SSNs in the hospital when they were born (rather than waiting until they began to work, like us oldsters...

I thought it was odd, and realized that SSN was being used for more than employment. I have written articles about bad guys who find new-born SSN and sell them. As the new born or parents are not going to worry about the SSN until the child starts working.

The first year the Infernal Revenue started requiring SSNs on the tax return for all claimed children, there were seven million fewer exemptions claimed.

One example:
In a nation wide (Netherlands) electronics chain the cashier asked for part of my zip code. The complete zip code in the Netherlands determin the city and which part of a street you live in. The first 4 digits determine the block you live in. The answer to the question of the cashier would give:
- the block I lived in
- what I bought
- At which time frame
- What kind of payment I used
- Probably by using a debit/creditcard who I am.
- The amount I spend.
- Which subsidiary of the store

Combine this information with thousands of other such transactions these stores can put together a lot of demographic information....

to transmit this information over SSL or even a VPN connection. I don't consider that quite in the same category as this topic. However, I can see your point as to how much information is actually needed for a clerk in an ordinary mercantile transaction.

Merchants are clueless as to why or what is needed to carry out the transaction. They just do what is required for them to get paid.

and I keep forgetting about sloppy point of sale practices; thanks for bringing me back to reality once again! or perhaps is more appropriate?

Sometimes avoiding reality is more fun.

A while back I wrote an article about how a group of researchers were able to glean a person's entire social security number from just the last four digits and the information you mentioned.

this person recommends dispensing with privacy completely, and using a firm(ware) data base as a cross check to protect your rights. The argument being it is worse to have someone build a fake you than the real you - Might be on to something here - under this system your ID could never be compromised, because it is written in stone - so to speak - so no one could simulate you - and no one could rob the data base for more knowledge to complicate the scheme.

Perhaps this would make it easier to clean up one's ID at the big three credit bureaus because they would have an authority they could cross check. I saw on 60 minutes Sunday, that it is still a nightmare to get inaccurate information off your credit report, because they essentially leave the onus on you to prove yourself! A very vexing situation indeed!

They aren't the same thing. How is putting all my information on public display protecting it?

This would be a data base that was only used by authorities and credit bureaus for reference. Privacy is the issue here, because that is exactly what protects your personal ID. Social sites, and other vendors, would only have access to certain data, but that data would be like a flag or benchmark, you wouldn't really be able to verify exactly who the individual is in a complete way, but you would know the flag was legitimate, because the underlying data base would be without compromise. Obviously to develop such a data base, you would have to have the latest and most high assurance system, and new security technology to harden such a site. This would be a system that was better than Fort Knox, and actually the government is a bad example, because I believe even DARPA has been compromised in the past.

My client actually did want full disclosure, because this individual saw inaccurate information as more dangerous than everyone knowing exactly who you are. I'm not willing to go that far, but my modification of the idea seems possible. The "Flag" I reference here, would be an encrypted ghost identity tied to the real data. That way if a vendor was compromised, a cross check would catch the anomaly and dump the old ID, to create a new one, that was synchronized across the internet automatically. The criminals couldn't do anything with the old information any more, so they couldn't impact the victim of the privacy breach.

And the government does not have to disclose if they get compromised.

I'm already paying with a debit card. If they can't mine that data for the relevant information, I see no reason to help them.

Several years ago, a K-mart cashier said she had no way to process my purchase without a phone number. Her manager agreed. Whether they were right or wrong, I haven't been back since.

Was the inability K-Mart based or the card processor? I guess K-mart should have changed the policy as they are no longer around.

I suggested entering all '9's, all '0', the store number, but both clerk and manager rejected these ideas. It wasn't the card reader; I was verbally asked by the clerk, who was going to punch it into the cash register. If it actually was a programming requirement, then somebody had his head WAY up his sphincter.

K-Mart is still around (including the store I no longer patronize), but it's on its back and feebly kicking its legs in the air.

I thought Sears and K-Mart did the merge thing. They all disappeared around here.

Occasionally you will see a surviving K-Mart in the heartland. It depends on the local market - and customers are loyal to them. I suspect the reason is that the local manager is a genius compared to the other local big lots that shrivel an die.

Sort of. One of our customers has equipment in K-Mart (and just about everywhere else, as well!). I have four or five in my territory.

They are independent or part of Sears?

Sort of the poor man's choice. You still find the standard K-Mart fare, but you can also buy Craftsman tools, Kenmore appliances, and other Sears brands there. You just don't have the selection you would at a full-on Sears store.

While the prices might be somewhat higher than at Walmart, the service is much better.

the K-Mart prices generally beat Walmart's. Wally World only lowers enough price points to get people into the store so they can bait and switch everyone. I hate going there, but they are typically the only supply source that actually stocks what I need. I always go to Target first, and it is almost always cheaper. Plus I can find EVERYTHING - unlike Wally World! I hate that place!

There's no way to verify that its your REAL phone number, so just start rattling off some digits. Far easier than storming out of the store without your purchases.

Five three oh ni-i-ine

A fine memory it is,

Now I'll have bloody Tommy Tutone in my head until I get in the truck and fire up something normal, well...OTHER 80's tunes anyway.
OMG, it's started already, GET OUT OF MY HEAD! YOU DIDN'T MAKE TODAY'S, MENTAL PLAYLIST!!!

If that phrase is good enough for K-Mart's competitors, it's good enough for K-Mart.

If you don't tell a business why you won't be returning, how will they know why they're losing customers? Radio Shack used to ask for this information, until enough customers complained and they stopped.

My son worked for RS and remembers that.

I know online it doesn't always work. They must be able to run the number real time to test it.

Possibly the exchange numbers too.

Easy to avoid with a $10 burner phone from Radio Shack, registered to an address that doesn't exist and paid for with cash.

My son worked for RS for years and they still ran a simple credit check, at least in the corporate store where he worked.

Too many other places I can shop without $10 overhead.